I know exposing personal over rpc is vulnerable. But is there any way I can make exposure of personal over rpc safe?
Let me state my requirement. I have deployed a cryptocurrency. Now I want to expose it's functions as api.
But for that I have to expose personal over rpc to carry out transactions. For eg. to perform transfer , I can write following code:

Problem:
But if someone can connect to my node then he can misuse personal and empty my account. Edit:
As I was writing the question I realised that it's not only about personal but it's rpc that is insecure. For example let's consider a case where personal is not exposed over rpc. But, if someone can connect to my node via rpc, they can execute a function like:

and carry all my ethers.
So is there any solution to the problem. As I stated in my requirement I need to expose personal over rpc in order to provide api's of my contract functions to my other application.

You need to build some middleware. These are very specific requirements, and web3 does not support them. You need to build your own API that does its own transaction validation and authentication, and then you can just use IPC to send transactions to your node securely
– Tjaden Hess♦Dec 12 '16 at 14:16

You mean I have to code forsomething like web3??? I can use web3 to perform every task that I require, but I want to know how can I make it more secure?
– Prashant Prabhakar SinghDec 13 '16 at 4:49

Also..the question raises a second scenerio that RPC is unsafe(with or without Personal). What about that. Shall I raise another question for second case
– Prashant Prabhakar SinghDec 13 '16 at 4:52

Presumably if Prashant's account needs to have Ether in it he sometimes needs to unlock that account to do whatever it is that needs access to them, so a strong password won't be enough.
– Edmund EdgarDec 15 '16 at 3:38

@BookyPoohBah How can I use personal.sendTransaction when I have to send Transaction via RPC. There is no function like web3.personal.sendTransaction(). This function works only from geth console.
– Prashant Prabhakar SinghDec 15 '16 at 9:02